Can You Trust Trusted Solaris 8?

Peter Baer Galvin

In the old days, Trusted Solaris had a reputation of being difficult to manage. In fact, the user base consisted of government sites and other facilities where security was required. Trusted Solaris 8 aims to change all that, with a goal of being very Solaris-like, but with manageable security enhancements. How well does it succeed? Very well, as it turns out. I took it for a spin and liked the drive-ability.

The Need

Trusted Solaris 8 (TS8) arrived not long after standard Solaris 8 (S8OE), making it a viable alternative to the standard. Previous Trusted Solaris releases had a significant lag behind their counterparts. This helped contribute to the lack of interest in the secure alternative at sites where it was not required.

Security has become de rigueur as interconnections multiply almost as fast as security threats. Companies are connecting to the Internet, and to each other, like never before. Computer attacks are becoming more sophisticated, to the point where firewalled connections are the beginning, rather than the end, of a security implementation.

The popularity of Solaris increases the demand for security solutions on the platform. That is one of the reasons I wrote the Solaris Security FAQ a few years ago and have since maintained it (with an update in the offing).

Many sites are adopting TS8 due to the increasing demand for security in commercial environments. Financial and banking, service providers, and the healthcare industry are all taking advantage of the enhanced security found in Trusted Solaris. TS8 is currently under evaluation against Common Criteria EAL4 LSPP and RBACPP certification, with evaluation expected to be completed by the end of 2001. It has a firm lead in B1-equivalent security, leaving little option for those who want a fast, general-purpose but highly secure OS.

TS8 is a big improvement on TS2.5